High severity8.8NVD Advisory· Published Feb 1, 2023· Updated Jun 17, 2026
CVE-2023-24610
CVE-2023-24610
Description
NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks can be bypassed. This may allow attackers to steal Protected Health Information because the product is for health charting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- NOSH/NOSHdescription
Patches
Vulnerability mechanics
References
3- gist.github.com/abbisQQ/d8392acf7e02003e73af973cc9f5f54anvdThird Party Advisory
- github.com/shihjay2/nosh2/tree/4a5cfdbd73f6a2ab5ee43a33d173c46fe0271533nvdProductThird Party Advisory
- noshemr.wordpress.comnvdThird Party Advisory
News mentions
0No linked articles in our index yet.